The Health Insurance Portability and Accountability Act is commonly known in medical circles as HIPPA. Most people see HIPAA in the context of national standards for the confidentiality and protection of their medical information.
Pursuant to HIPPA, every health care provider and their business associates are required to develop, implement and follow procedures that assure and maintain confidential information contemplated by the act when it’s handled, transmitted, received or shared. This obligation extends to any type of personal health information whether it’s written, oral, or electronic. For purposes of conducting business, only minimal personal health information can be shared.
The privacy rule
HIPPA applies to all health insurance plans, health care clearinghouses, and any health care providers that conduct specific health care transactions electronically. The act prescribes limits and conditions on how personal health information is used and disclosed without written authorization from the patient. The act also gives individuals rights in connection with their personal health information, including but not limited to obtaining copies of their health records and the right to request corrections in them.
No more paper records
The day is around the corner when paper medical records won’t exist anymore. According to Health Data Archiver, hospitals and clinics that are low on resources can’t effectively store, transmit or share medical records, so the records are sent to companies like it for archiving. A patient data archive that’s HIPPA compliant can include all or nearly all patient personal health information accurately and securely.
Penalties for failure to comply with HIPPA
Civil penalties of $100 for each violation of the act can be stacked on top of each other for multiple violations involving a single individual. Maximum annual civil penalties are $25,000 per year per person per standard. That means if three standards were violated for one person, the maximum civil penalty could be $75,000. If information is knowingly and improperly disclosed or obtained under false pretenses, the criminal penalty can be up to 10 years in prison and a fine not to exceed $250,000. More severe penalties are in place for circumstances involving false pretenses or malicious harm. Private civil actions can also be brought by affected individuals.
You’re generally better safe than sorry. When in doubt, exercise the maximum degree of privacy and confidentiality possible. An authorization for release of personal health information from the patient on a HIPAA compliant form is how those governed by HIPAA privacy protection remain compliant.
This article is from Lizzie Weakley, a freelance writer from Columbus, Ohio. She went to college at The Ohio State University where she studied communications. She enjoys the outdoors and long walks in the park with her four-year-old husky Snowball.